From 6eda223a9360e4fa0c4f0f110e8c5e27d61c31f7 Mon Sep 17 00:00:00 2001
From: Brett Mastbergen <bmastbergen@ciq.com>
Date: Mon, 10 Nov 2025 10:34:02 -0500
Subject: [PATCH] [JPC] Support cve-bf and cve-pre CVE reference formats

Allow commits to reference CVEs using 'cve-bf CVE-YYYY-NNNN' or
'cve-pre CVE-YYYY-NNNN' in addition to the standard 'cve CVE-YYYY-NNNN'
format when validating against JIRA VULN tickets.  Otherwise we will
output a warning for these commits even though they are correctly
referencing the CVE from the ticket.
---
 jira_pr_check.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/jira_pr_check.py b/jira_pr_check.py
index c0c8eb9..befbc81 100755
--- a/jira_pr_check.py
+++ b/jira_pr_check.py
@@ -196,11 +196,11 @@ def main():
                             vuln_tickets.append(part.upper())
 
                 # Check for CVE line
-                # Assume format: "cve CVE-YYYY-NNNN"
+                # Assume format: "cve CVE-YYYY-NNNN", "cve-bf CVE-YYYY-NNNN", or "cve-pre CVE-YYYY-NNNN"
                 # There will only be one CVE per line, but possibly multiple CVEs listed
-                if stripped.lower().startswith('cve '):
+                if stripped.lower().startswith(('cve ', 'cve-bf ', 'cve-pre ')):
                     parts = stripped.split()
-                    for part in parts[1:]:  # Skip 'cve' keyword/tag
+                    for part in parts[1:]:  # Skip 'cve'/'cve-bf'/'cve-pre' keyword/tag
                         # CVES always start with CVE-
                         if part.upper().startswith('CVE-'):
                             commit_cves.append(part.upper())